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(54) Title: ENCRYPTION SYSTEM FOR SECURE DATA 
(57) Abstract 

A data security system for digitized data that can use bom encryption and steganographic techniques. Data is encrypted using selected 
encryption protocols and algorithms. The resulting ciphertext is then treated to a steganographic encoding into a secondary data stream. 
This encoding is performed by replacing the least significant bit of selected bytes in the secondary data stream with the bits of the ciphertext. 
Selection of those bytes is performed via ciphertext created using a separate encryption procedure that uses an encryption key as both the 
key and as the data to be encrypted. The format of the secondary data stream is usually chosen so that it will not be obvious mat it has 
been modified. The modified data can either be stored for later use or transmitted to the intended recipient Decoding is accomplished by 
using the cyphertext to find the selected bytes in the modified secondary data stream, extracting the least significant bits, and reassembling 
those bits into the original data. These encryption techniques are also used for backing up data in a secure manner. The data to be backed 
up is first encrypted using selected encryption protocols and algorithms. The resulting ciphertext is then split into multiple parts and each 
part is stored on a separate floppy disk in selected locations that are determined by a separate encryption process which produces a selection 
cyphertext to select the storage locations. The remaining areas of each floppy disk are then filled in with random data to obscure the identity 
of the backed up information. Restoration of the original data is accomplished by using the selection cyphertext to locate the stored data 
on each floppy, reading that data and reassembling it into a data block, and men merging the data blocks from each floppy to recreate the 
original data. 
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• WO 99/10859 PCT/US98/17839 

ENCRYPTION SYSTEM FOR SECURE DATA 

BACKGROUND OF THE INVENTION 

1. Field of the Invention 

The invention relates to digital data security technologies and communications and more 
5 particularly to a method and apparatus for securing data and permitting secure electronic 
communications relying on encryption and steganographic techniques. 

2. Description of the Related Technology 

Information and data transfer is growing at an alarming rate. The need for data security 
has also grown at an equal if not greater speed. The core problems that need to be addressed by 
1 0 any data security system are level of security, ease of use, integratability within the work 
environment, and mass/ global level usage. By contrast, electronic communications are 
inherently insecure and open. Confidential and proprietary information and data are transferred 
regularly through channels which are in need of a secure and user-friendly methodology to 
facilitate confidentiality. Presently there are two basic approaches to securing information: 
1 5 access control (such as password protection), and encryption (single key, dual key, One Time Pad 
(OTP), steganography, and hardware). Each of these methods has its own advantages and 
disadvantages pertaining to implementation, design, level of security, interoperability, 
development, ease of use, and widespread adoption, use, and appeal. 

Password protection is commonly used for access control but has inherent security level 
20 shortcomings when applied to data security. 

Encryption has been implemented in five basic methodologies: 

(a) Single key encryption — This uses an encryption algorithm along with an 
encryption key to encrypt and decrypt data. The same key is used in both encoding and 
decoding. The major shortcoming of single key technology is the transference of the key to the 

25 recipient. Most methodologies require a separate secure communication of the key to the 
recipient/decoder, via either fax, telephone or in person. 

(b) Dual key encryption — Public key encryption solves this problem by utilizing 
different keys for encryption and decryption. The encryption-public key is given out insecurely 
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to all potential encoders. The decryption-private key is kept by the recipient/decoder and not 
given out. Encryption is performed on data using the public key and only the private key can 
decode the data encrypted using its matching public half. Public key technology is primarily 
based on factorials oflarge prime numbers that facilitate the public and private key halves. There 

5 are presently several patents relating to public key technology, such as those held by RSA (U.S. 
Patent 4,405,829) and Diffie-Hellman (U.S. Patent 4,200,770). Presently, there are three 
shortcomings to the public key system in a large network. First, arepository capable of storing 
millions of public keys needs to be in place to facilitate Internet level global communications 
security. Second; due~to~the nature of public keys, they require large streams of data, and a 

10 method of authentication needs to be in place to validate the authenticity of the public keys 
within the repository. Third is the present difficulty and lack of ease of use inherent in today's 
public key products. 

(c) One Time Pad (OTP) is an encryption methodology that provides a high level of 
security for encrypted information. However, due to its reliance on truly random sequences for 

1 5 the initialization key and the inability of software to provide truly random numbers, OTP is not 
suitable for the mass market of end users and corporate users for secure communications. 

(d) Hardware encryption cards and boxes have been used for secure communications. 
Hardware encryption provides high level security and key management but is very costly. In 
addition, hardware encryption systems have not been compatible with other hardware systems, 

20 i.e. they lack interoperability. Hardware encryption is ideal for point to point communications 
or closed systems where cost is not a factor; they range from $ 1 ,000 - $25 ,000 in cost. Hardware 
encryption systems are typically not suitable for open or mass communication applications. 

(e) Steganography is a relatively new method for data security. Steganography, the 
art and science of hiding the existence of information, has in the past been primarily associated 
25 with invisible inks, messages sent via telephone line noise known as TranSec, and red cellophane 
such as that used in games to reveal information hidden in a red-blue block. Within the past two 
years,Steganographyhasnrigratedto^^^ 

images, sound files, or other media including text files such as Mimic functions. Mimic functions 
convert plaintext letters into common everyday English words that are then put together to form 
30 pseudo-sentences. The resulting message resembles a Madlib™. When steganography is applied 
to graphic images, it encodes information in the code of a graphic file either in the pixel coding, 
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high bits, or low bits of the coding. The former is useful for small messages but becomes 
apparent if large amounts of data are hidden. The latter two are more recent but are still in 
development stages as the encoding generates a noticeable deviation from the standard code of 
the graphics file. An example of a steganographic system is described by Cooperman et al. (U.S. 
5 patent 5,61 3,004), which is herein incorporated by reference in its entirety. All of these methods 
lose their security when the system is known and therefore should be used together with key 
based encryption for additional security. 



SUMMARY OF THE INVENTION 



This system features a data security method that combines the strength of encryption with 

1 0 the strength of steganography . According to the invention, a software or hardware package may 
provide both a secure method of communications via electronic communications systems and 
a secure work environment for data. The features and processes utilized in the invention deliver 
a cohesive standard by which data can be secured. Further the invention features an easy to use 
interface that is cohesive with standard protocols and procedures within both the corporate and 

15 individual environments. Finally, the interface combined with the high level of security and 
functionality lends mass market and global level appeal to the invention. 

It is an object of the invention to provide an encryption and security program for a 
personal computer system such as those using the Windows environment. It is a further object 
to provide an easy to use interface, and an easy to integrate environment. It is a further object 

20 to provide for file and document encryption, including selective partial document encryption; 
combined encryption and steganography for super secure domestic and secure international 
communications; multiple overwrite for deleted files; Digital Signatures for providing sender 
verification and document integrity validation; active document blanking for roaming eyes 
protection in impersonal or hostile work environments; steganographic key management; key list 

25 transfers; file compression; a secure key list back-up facility; administrative features; and unique 
registration and distribution features. Of course, the system also includes provisions for 
recovering the encrypted and encoded information. 

Once the data has been encrypted and/or steganographically encoded, it may be 
transmitted to another system, kept in the present system, stored on a media, or any combination 
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of those choices. Because of the exposed nature of most communications methods, the greatest 
need for such security is usually for transmitted data. 



BRIEF DESCRIPTION OF THE DRAWINGS 

Figure 1 shows a flow diagram of the encryption process. 
Figure 2 shows a flow diagram of public key distribution. 

Figure 3 shows a flow diagram of the process of combining encryption with 
steganography. 

Figure 4 shows a flow diagram of the steganographic selection algorithm process for 
generation of the selection algorithm. 

Figure 5 shows a flow diagram of the process of steganographically encoding data into 

a stream of data bits. 

Figure 6 shows an illustration of the floating toolbar user interface. 

Figure 7 shows a flow diagram of combining encryption and steganography for the 
purpose of secure backup to removable media, as may be used for storage of personal or 
administrator keys. 

DETAILED DESCRIPTION OF THE INVENTION 

A system according to the invention may encrypt files and documents with a choice of 
multiple algorithms and methods. One preferred embodiment may be designed with a modular 
open-ended architecture in an object-oriented scheme that allows the easy insertion of any 
encryption algorithm, including both single key and public key algorithms. The invention may 
utilize the modular design with flags that alert the program to the encryption method used for 
simple decryption and easy upgrade to multiple encryption algorithms and methods. Each 
algorithm is treated as a modular process that fits into the predefined call of the program. The 
program calls provide for akey(s) and input/output of data, thereby allowing for any encryption 
algorithm to be plugged in once configured to meet the specifications of the program calls. 

The preferred embodiment uses a two-step process: an encryption algorithm(s) creates 
the ciphertext, which is then steganographically secured. Both conventional single key 
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encryption and hybrid public/single key encryption systems can be used here. Since multiple 
types of encoding are contained in the system, each type using potentially different types of keys, 
key management is also a major feature. The flow charts of Figures 1 - 5 and 7 show the various 
processes involved in the system. 
5 Figure 1 shows the basic encryption process. In step 2 the data is input into the system 

through any suitable method (file selection or from within an application via a floating toolbar 
button as illustrated in Figure 6), where key management is performed in step 3. Key 
management can be the insertion of a key by the user, a selected key from a key list, or other key 
selection methodology including randomly generated keys. The key(s) is then used by the 

10 encryption process of step 4 to encrypt the retrieved data. The encryption method used is 
determined by a configuration performed by the user or by a preset default. An encrypted 
message, or ciphertext, is produced at step 5 as a result of this process. If only basic encryption 
is desired, the process can end here with the ciphertext being returned to either a file or back into 
the application the original data came from. However, for greater security and/or innocuous 

15 messaging the ciphertext can be subjected to further encoding techniques, as described later. 

Figure 2 shows the basic key transfer process utilized by the invention when distributing 
keys for use in a public key encryption system. In step 7, public keys are selected from a list or 
database for transfer. Keys are digitally signed by the sender's signing key in step 8 and 
transferred in step 9 via electronic mail, a network system, or saved to a file for manual transfer. 

20 Upon receiving the transferred keys, the recipient system authenticates them using existing 
public keys, and the recipient's local database of keys is updated in step 10 with the transferred 
keys. This process enables users to utilize public key encryption as described in Figure 1 for 
encryption of data and also for key authentication using a horizontal trust model. 

Figure 3 shows a two-step encoding process, with encryption followed by steganographic 

25 encoding. Steps 12 through 14 correspond to steps 2 through 4 in Figure 1, which produce a 
ciphertext through standard encryption techniques as described earlier. In step 15, a 
steganographic selection algorithm (SS A) uses the ciphertext in a bit-to-byte correspondence for 
selection of replaceable characters/bytes. The replacement produces the steganographically 
encoded result at step 1 7. The details of this process are expanded in Figures 4 and 5. 

30 Figure 4 shows the details of the steganographic selection algorithm (step 15 of Figure 

3), which uses an encryption key as both a key and as data to be encrypted. A key is chosen in 
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step 19, either randomly generated or chosen by the user, and repeatedly copied in step 20 until 
the result is the same size as the data stream or media which will be steganographically modified. 
This result is then encrypted in step 21 with the same key to produce a selection ciphertext. In 
step 22, each bit of the selection ciphertext is then associated with a byte (or pixel, or other 
suitable unit) in the data stream. The selected data stream bytes are those whose associated bit 
in the ciphertext is a logic T (or alternately, a logic 'O'). In a preferred embodiment, every data 
stream byte has an associated bit in the selection ciphertext, but for greater security only every 
nth byte can have an associated bit. While this selection algorithm is described in the context 
of steganographic data encoding, it can also be used for any other selection applications in which 
the selected units are to remain secret. 

Figure 5 shows the details of the steganographic encoding process (step 16 of Figure 3). 
The data to be encoded is brought in at step 25, and in step 26 each bit of this data is associated 
with a selected byte in the data stream or media to be modified. The data stream or media can 
be a random number stream, multimedia file such as a graphic image or sound file, a text 
document, or some other form of data. In step 27 the media is brought in for association with 
the bits in step 26. Using the selection algorithm developed in Figure 4, the least significant bit 
of each selected byte is replaced in step 28 by the corresponding data bit from step 26. This 
newly modified data stream or media represents the encoded steg-stream of step 29 which 
produces the secured message shown in step 17 of Figure 3. 

This process can also be described in mathematical terms. The steganographic selection 
algorithm is a reproducible random selection process utilizing ciphertext as the selection operand, 
where: 

k = any key 

d = any target data 

n = length in bytes of target data 

© = S (X) 

S(x> = A selection of x 



/o(d,/ x (k)) = d x 
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' A(k) = 

/ r (n d ,k) = k n d : n^n,, 

& 

/ c (k" d ,k) = (k n d ) k : (k^k", 

5 /o((k n d )k,d) = d x 

The invention utilizes an encryption algorithm and resulting ciphertext to enable a 
selection of data. The selection , f 0 (), is performed on the data, d, based on the bits from the 
resulting ciphertext, f x (k), where k is the encryption key and / x 0 is the process by which the key 
is used as both the encryption key and the plaintext, created by / r (). / r () takes the encryption 

10 key, k, and copies it back to back such that the resulting plaintext is equivalent in size, n, to the 
target data, r^, to be selected from. / c () uses the encryption key, k, to encrypt the plaintext 
resulting from / r (), or k n d . The resulting ciphertext, (k n d) k , is then used in a bit-to-data 
comparison to facilitate selection of units where d is the target data to be selected from and x is 
the selecting bit from the ciphertext. Either a 1 or 0 can be used as the selecting bit. d* is the 

15 resulting selected units from the data. 

The steganographic encoding process can be described mathematically by the following: 

m = any medium 
d = original data 
n = length in bits of original data 
20 / s () = a selection process 

/,0 = a least significant bit conversion 

/s2s(m, m' d ) = m" 
1 

/s(m) = m' 
25 /i(m\d 0 . n( d)) = ni , d 
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This process of encoding data within other data can be facilitated by the use of: 

(1 ) any medium, or data stream into which the original data will be encoded, such as that 
produced by a pseudo random number generator (PRNG); 

(2) the selection process; 



(4) the original data, to be encoded into the medium. 

The invention performs a least significant bit conversion on the medium where the bits from the 
original data are then inserted into selected bytes of the medium at the least significant bit 
position. The selection of bytes from the medium is performed by some selection process, such 



As an example, a random stream generated by a PRNG can be used as the medium. Data 
is encoded or hidden in the stream by converting the least significant bits from selected bytes of 
the medium into the bits from the original data, whether in plaintext or ciphertext form. 

An example of an encoding is as follows: 
15 Object: Hide the word "it." 

The bit sequence for the word "it" is: 01 101001 01 1 10100. 

The original PRNG stream: 

aku245q9S53Tol4hj2q356@$%d070 

H*37Hqdhg(dg&h#daghhhaead43y3q8uQ#8y3d203emape3m t zd+w[2oh[2 

20 Selection of the characters to be converted (underlined): 

aku245£9S53Tol4hi2q356@$%d070c6*^^ 
H137Hadhg(dg&h#daghhhaead43y3q8u^ 



5 



(3) a key to feed the selection process; and 



10 



as an algorithm, character key, or other method. 



-8- 



jcrwin- ^\Atr\ 



ftfiinornAO i ~ 



• WO 99/10859 

The bit sequences of the characters selected: 
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a q j d n i 

01100001 01110001 01101010 01100100 01101110 01101001 
i h 
01101001 01101000 

H * q # 8 p 

00101010 01110001 00100011 00111000 01110000 

[ 

01011011 

The bit sequence for the word "it," 01 101001 01 1 10100, is hidden in the selected byte 
sequences by least significant bit conversion: 

01100000 01110001 01101011 01100100 01 101 111 01101000 
01101000 01101001 

01001000 00101011 01110001 00100011 00110010 01110001 
01101100 01011010 

The characters represented by the new byte sequences are: 

•qkdohhiH+q#8ql\ 

These characters are now placed back into the stream from whence they came, giving a 
new data stream (the replacement characters are underlined): 

Tcu245fl9S53 , %14hk2q356@$%d070c6*&56)(oohury24r0q34hkjh3982i' 
H±37Hadhg(dg&h#daghbJhaead43y3q8uQ#8^3d203emaae31'zd+w[2oh\2 



01001000 
m 

01101101 
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The file to be f stegged\ i.e., the data stream in which the message will be hidden, is 
selectable by the user. This file can be in many formats, but for effective security it should be 
the type of file that can be modified without such modification being obvious. In addition to the 
PRNG file previously mentioned, other preferred formats are: graphics (BMP, GIF, JPG, etc.), 
sound (WAV, RA, AIF, MIDI, etc.), and video (MPG, MOV, etc.). Depending on the degree of 
modification, these files might be usable for graphics, sound, or video in their modified form 
without noticeable performance degradation, thus further obscuring the fact that they contain 
encoded data. 

The system also has a number of other features which give the user a range of selectable 
security functions: 

Toolbar User Interface (TUI) - The system utilizes a floating toolbar that gives the user simple 
accessibility to security functions throughout the operating system environment. Figure 6 shows 
an example of selections available from the toolbar. Item 3 1 is the toolbar's handle which 
enables both the drag and docking of the toolbar in the environment and, by right mouse clicking 
on the handle, allows for the configuration of the toolbar and other setup options. Items 32a and 
32b are the encrypt and decrypt buttons which allow users to select both files and data from 
outside the application to be encrypted by the invention. Item 33 is the active window protection 
button. Item 34 is the place holder for other features configurable for use on the toolbar with the 
default being the exit function. 

Selective Text Encryption - The system allows the user to highlight and select portions of the text, 
including paragraphs, sentences, even words, to be encrypted within a plaintext document. 
Delimiters are used so that a user decrypting the selected text does not have to identify its exact 
boundaries. 

Secure Delete - In most computers, deleted files are still retrievable after deletion because only 
the file's index pointer information has been removed, whereas the file itself is still intact. The 
system provides a secure deletion facility that will overwrite a file first with a set such as all O's 
and then with the set's compliment such as all l's, and then with one or more overwrites of 
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random data before deleting the file. This protects the user from having files retrieved from the 
drive after deletion. This function is selectable by the user. 



Digital Signatures - The system provides Digital Signature capability to its users. Digital 
Signatures verify the origin and document integrity using one way hash functions and the 
5 Signing key belonging to the user. The system generates a hash sequence based on the contents 
of a document and then encrypts it with the Signing key. This sequence can be checked by the 
recipient to validate the sender and the contents of the document by decrypting the hash sequence 
using the verification key, packaged with the user f s public key, and then comparing the hash of 
the document to the one contained in the Digital Signature. Digital Signatures can be used on 
10 both plaintext as well as ciphertext messages. 

Partial Screen Blanking - This provides a secure work environment by covering most of the 
active window with a graphic image. The active window is protected up to approximately the 
last 3/4 inch of the window. The graphic image acts like a window shade and can be 
manipulated using the mouse to cover more or less of the active window. This allows the user * 
15 to continue entering data and have the rest of the document secured from view. This feature is 
especially useful when the screen is in an unsecured area, where "roving eyes" can be a problem. - 
Partial screen blanking toggles on and off via a button on the TUI and can also be set to require 
a key to be toggled off. 

Key Management - The invention utilizes a special key management system incorporating public 
20 and single key technologies with Digital signatures and certificate formats, combined with ease 
of use to allow easy integration of a public key communication system without the need for a 
fully implemented public key infrastructure. The invention utilizes hybrid encryption. Data is 
encrypted using a Pseudo Random Number Generator (PRNG) generated session key to create 
the message ciphertext. The session key is then encrypted using either a recipient's public key 
25 (for transmission security), or a predetermined user local key (for storage security). A header is 
added to the message ciphertext containing the encrypted session key and other information 
necessary for decryption purposes. The other information contained in the header includes 
algorithm identifiers, file name, time and date information, sender name, and a digital signature 

- 11 - 
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if that option is selected. The header is divided into protected areas and clear text areas where 
protected areas are also encrypted and clear text areas are the minimum information needed to 
decrypt the header and message ciphertext upon receipt without undermining the security of the 
system. 

5 Public keys are transferred between corespondents via a key transfer utility included in 

the invention that facilitates a transparent Internet and/or network-based transfer of public key 
information. The public keys are X.509 certificate formatted in compliance with the standards 
for compatibility with Certificate Authorities (CA's) and can also be digitally signed by the 
sender to provide a horizontal Web of Trust infrastructure. Transmitted public keys contain the 

1 0 public half of the public key pair, the verification key, sender username and e-mail address, and 
any authentication information available to the sender including previous senders 1 signatures and 
digital identifications provided by CA's. Public keys are maintained in a database where 
authentication information is also associated with each public key. 

The user's secret information includes the user's private half of the public key pair, the 

15 user's signing key and the user's local encryption key. These are secured locally by the user. 

The system allows the user to utilize encryption and steganographic capabilities to both 
secure data and allow for innocuous messaging. As described above, a message or file is 
encrypted and steganography is used to encode the encrypted file into a graphic image, sound or 
movie file. 

20 File compression - A file compression utility is provided for the encrypted file to reduce file 
sizes. 

Secure Backup on Removable Media - This provides a method by which users can back up and 
store off-line on removable media important data such as personal decryption keys, 
Administrator keys, key pairs, or other highly confidential information and data. As shown in 
25 Figure 7, data is input into the system, encrypted, and then encoded onto the removable media. 
Figure 7 illustrates this process using two floppy diskettes. In a preferred embodiment, this 
process can be performed to multiple floppies and onto almost any removable media such as 
recordable CD-ROMs, Zip Disks, Back Up Tapes, etc. It can also be used with multiple 
locations of remote or local non-removable storage, although this might provide a lesser degree 
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of security. In step 36 the data, which could consist of personal keys or Administrator public key 
pairs, is input into the system. In step 37 key management is performed to determine the 
encryption key(s) for the data, such as a public key for a system administrator and a randomly 
generated session key. The data is then encrypted in step 38 using an encryption algorithm as 

5 in Figure 1 utilizing the keys from step 37. At step 39 the encrypted data is split into files 
corresponding to the number of removable media to be used. This splitting function involves 
taking bytes from the encrypted data and placing them into separate files such that each byte is 
placed in a different file than its adjacent bytes. For example, if three files were to be created 
using the splitting process in step 39, and 'abcdefghijklmno' was the starting file to be stored, the 

10 resulting split files would be: 'adgjm', TDehkn', and f cfilo\ This process eliminates unwanted 
exposure of partial ciphertexts in the event that the security of one or more of the split files is 
compromised. In step 40, each split file is written to selected sectors of its removable media. 
The key produced in step 37 is used to choose the exact sectors) on the removable media where 
the files are written. The keys themselves can also be written to one or more of the removable 

1 5 media, such as the first one. Both file(s) and keys can be written without headers. In step 41 the 
removable media is written to by a pseudo-random number generator (step 43) to "fill" the 
remaining sectors of the media with random noise. This filling process writes the random data 
to all sectors of the removable media except those previously written to. The removable media 
now contains the split files of the encrypted data masked into random noise. This process 

20 represents another form of steganography, since it entails the 'hiding' of sensitive data among 
other, non-sensitive data. 

Retrieval of the hidden data can occur by effectively reversing the aforementioned 
process: Key management is first performed to retrieve the relevant key(s) from the media. 
Then each split file is retrieved using the proper key(s), the multiple split files are merged, and 

25 decryption is performed on the merged file. This is basically a reversal of steps 38-40. 

Additional security can be provided through additional means, such as storing each of the 
backup media in a different location, physically securing the backup media, or keeping the key(s) 
separate from all the backup media. Such variations are obvious and the invention does not 
depend on their use. 
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Administrative Features - The system provides the network administrator or security 
administrator with several features tuned to the corporate environment. The Administrator can 
block access of employees to certain features of the system, including secure deletion, 
steganography, etc. The Administrator is also given the capability to gain emergency access to 
5 files and E-mails generated by users on the network. 



Decryption - Obviously, every encryption method also includes a decryption capability. The 
decryption is generally the equivalent of an encryption operation in reverse. The system of this 
invention can decrypt any message encrypted by the aforementioned methods, using the 
decryption method appropriate for each type of encryption. Multi-encrypted data is decrypted 
10 in the reverse order in which it was encrypted, using any decryption information available from 
the message itself. 

Various means of accomplishing the secure data features described herein are possible. 
Since most of the procedures involve the manipulation of digital data, the preferred embodiment 
uses software as a means to perform the described functions. The use of firmware, or a 

1 5 combination of software and firmware, is also envisioned. The preferred embodiment operates 
in the Windows environment due to the extremely broad market acceptance of the Windows 
operating system. But the invention will operate equally well in other environments, including 
single- or multi-user operating systems and single- or multi-processor systems. 

The invention may be embodied in other specific forms without departing from the spirit 

20 of the invention or its essential characteristics. The present embodiments are to be considered 
as illustrative and not restrictive, the scope of the invention being indicated by the following 
claims rather than by the foregoing description. All changes which come within the meaning and 
the range of equivalency of the claims are intended to be embraced herein. 
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What is claimed is: 



1 1 . A method of providing data security for digital data by using steganographic techniques, 

2 comprising the steps of: 

3 providing a first data block comprising a plurality of data bits; 

4 providing a second data block comprising a plurality of discrete units, each of said 

5 discrete units comprising a plurality of bits; 

6 selecting a plurality of particular discrete units within the second data block, the number 

7 of said plurality of particular discrete units being at least as great as the number of data bits 

8 contained in the first data block; 

9 associating each data bit in the first data block with a corresponding selected particular 

1 0 discrete unit in the second data block; 

1 1 replacing a selected bit within each selected particular discrete unit with said selected 

1 2 particular discrete unit's associated data bit to form a corresponding new particular discrete unit; 

13 and 

14 replacing each selected particular discrete unit in the second data block with its 

1 5 corresponding new particular discrete unit to form a modified second data block. 

1 2. The method of claim 1, wherein each discrete unit is a byte. 

1 3. The method of claim 1, wherein said selected bit of each particular discrete unit is the 

2 least significant bit. 

1 4. The method of claim 1 , wherein the second data block is generated by a pseudo-random 

2 number generator. 

1 5. The method of claim 1, wherein the second data block is a file selected from a list 

2 comprising a graphics file, a sound file, or a video file. 
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1 6. The method of claim 1 , wherein the step of associating each data bit in the first data block 

2 with a corresponding selected particular discrete unit in the second data block is done in a 

3 sequential manner, comprising: 

4 a) associating the first data bit in the first data block with the selected particular discrete 

5 unit that occurs first in the second data block; 

6 b) associating the next data bit in the first data block with the selected particular discrete 

7 unit that occurs next in the second data block; and 

8 c) repeating step b) for each of the remaining data bits and selected particular discrete 

9 units. 

1 7 . The method of claim 1 , wherein the step of selecting a plurality of particular discrete units 

2 comprises: 

3 using an encryption algorithm to create a selection key comprising a series of binary bits; 

4 and 

5 associating each binary bit in the selection key with a corresponding discrete unit in the 

6 second data block. 

1 8. The method of claim 7, wherein each discrete unit in the second data block that is 

2 associated with a logic T bit in the selection key is a selected particular discrete unit. 

1 9. The method of claim 7, wherein each discrete unit in the second data block that is 

2 associated with a logic '0 f bit in the selection key is a selected particular discrete unit. 

1 10. The method of claim 1, further comprising the steps of constructing a copy of the first 

2 data block from the modified second data block, said steps comprising: 

3 selecting each said new particular discrete unit in the modified second data block; 

4 extracting the selected bit from each selected new particular discrete unit; and 

5 combining the extracted data bits to form a copy of the first data block. 

1 11. A system for providing data security for digital data by using steganographic techniques, 

2 comprising: 
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3 ' a first data block comprising a plurality of data bits; 

4 - a second data block comprising a plurality of discrete units, each of said discrete units 

5 comprising a plurality of bits; 

6 means for selecting a plurality of particular discrete units within the second data block, 

7 the number of said plurality of particular discrete units being at least as great as the number of 

8 data bits contained in the first data block; 

9 means for associating each data bit in the first data block with a corresponding selected 

10 particular discrete unit in the second data block; 

1 1 means for replacing a selected bit within each selected particular discrete unit with its 

12 associated data bit to form a corresponding new particular discrete unit; and 

13 means for replacing each selected particular discrete unit in the second data block with 

14 its corresponding new particular discrete unit to form a modified second data block. 

1 12. The system of claim 11, wherein each discrete unit is a byte. 

1 13. The system of claim 1 1, wherein said selected bit of each particular discrete unit is the 

2 least significant bit. 

1 14. The system of claim 11, further comprising a pseudo-random number generator, the 

2 second data block being generated by said pseudo-random number generator. 

1 15. The system of claim 11, wherein the second data block is a file selected from a list 

2 comprising a graphics file, a sound file, or a video file. 

1 16. The system of claim 1 1 , wherein the means for associating each data bit in the first data 

2 block comprises: 

3 a) means for associating the first date bit in the first data block with the selected 

4 particular discrete unit that occurs first in the second data block; 

5 b) means for associating the next data bit in the first data block with the selected 

6 particular discrete unit that occurs next in the second data block; and 

7 c) means for repeating b) for each of the remaining data bits and discrete units. 
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1 17. The system of claim 1 1 , wherein the means for selecting a plurality of particular discrete 

2 units comprises: 

3 an encryption algorithm; 

4 a selection key comprising a plurality of binary bits, said selection key having been 

5 created by the encryption algorithm; and 

6 means for associating each of the plurality of binary bits in the selection key with a 

7 corresponding discrete unit in the second data block. 

1 18. The system of claim 1 7, wherein each selected particular discrete unit in the second data 

2 block is associated with a logic T bit in the selection key. 

1 19. The system of claim 1 7, wherein each selected particular discrete unit in the second data 

2 block is associated with a logic '0 f bit in the selection key. 

1 20. The system of claim 1 1, further comprising: 

2 means for selecting each said new particular discrete unit in the modified second data 

3 block; 

4 means for extracting the selected bit from each selected new particular discrete unit; and 

5 means for combining the extracted data bits to form a copy of the first data block. 

1 21. A method of providing data security for digital data by using both encryption and 

2 steganographic techniques, comprising the steps of: 

3 encrypting a selection of data to produce a first data block, said first data block 

4 comprising a plurality of data bits; 

5 determining the number of said data bits contained in the first data block; 

6 providing a second data block comprising a plurality of discrete units, each of said 

7 discrete units comprising a plurality of bits; 

8 selecting a plurality of particular discrete units within the second data block, the number 

9 of said plurality of particular discrete units being at least as great as the number of data bits 
1 0 contained in the first data block; 
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1 1 " associating each data bit in the first data block with a corresponding selected particular 

12 * discrete unit in the second data block; 

13 replacing a selected bit within each selected particular discrete unit with said selected 

1 4 particular discrete unit's associated data bit to form a corresponding new particular discrete unit; 

15 and 

16 replacing each selected particular discrete unit in the second data block with its 

17 corresponding new particular discrete unit to form a modified second data block. 



1 22. The method of claim 21 , wherein each discrete unit is a byte. 

1 23. The method of claim 21 , wherein said selected bit of each particular discrete unit is the 

2 least significant bit. 

1 24. The method of claim 2 1 , wherein the second data block is generated by a pseudo-random 

2 number generator. 

1 25. The method of claim 21, wherein the second data block is a file selected from a list 

2 comprising a graphics file, a sound file, or a video file. 

1 26. The method of claim 21, wherein the step of associating each data bit in the first data 

2 block with a corresponding selected particular discrete unit in the second data block is done in 

3 a sequential manner, comprising: 

4 a) associating the first data bit in the first data block with the selected particular discrete 

5 unit that occurs first in the second data block; 

6 b) associating the next data bit in the first data block with the selected particular discrete 

7 unit that occurs next in the second data block; and 

8 c) repeating step b) for each of the remaining data bits and selected particular discrete 

9 units. 

1 27. The method of claim 2 1 , wherein the step of selecting a plurality of particular discrete 

2 units comprises: 
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3 using an encryption algorithm to create a selection key comprising a series of binary bits; 

4 and 

5 associating each binary bit in the selection key with a corresponding discrete unit in the 

6 second data block. 

1 28. The method of claim 27, wherein each discrete unit in the second data block that is 

2 associated with a logic T bit in the selection key is a selected particular discrete unit. 

1 29. The method of claim 27, wherein each discrete unit in the second data block that is 

2 associated with a logic '0' bit in the selection key is a selected particular discrete unit. 

1 30. The method of claim 21, further comprising the steps of constructing a copy of the first 

2 data block from the modified second data block, said steps comprising: 

3 selecting each said new particular discrete unit in the modified second data block; 

4 extracting the selected bit from each selected new particular discrete unit; 

5 combining the extracted data bits to form a copy of the first data block; dea>pting the 

6 copy of the first data block to form a copy of the selection of data. 

1 31. A system for providing data security for digital data by using both encryption and 

2 steganographic techniques, comprising: 

3 a selection of data; 

4 a first data block, wherein said first data block is created by encrypting the selection of 

5 data, said first data block comprising a plurality of data bits; 

6 means for determining the number of data bits contained in the first data block; 

7 a second data block comprising a plurality of discrete units, each of said plurality of 

8 discrete units comprising a plurality of bits; 

9 means for selecting a plurality of particular discrete units within the second data block, 

10 the number of said plurality of particular discrete units being at least as great as the number of 

1 1 data bits contained in the first data block; 

12 means for associating each data bit in the first data block with a corresponding selected 

1 3 particular discrete unit in the second data block; 
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14 • means for replacing a selected bit within each selected particular discrete unit with its 

15 * associated data bit to form a corresponding new particular discrete unit; and 

16 means for replacing each selected particular discrete unit in the second data block with 

17 its corresponding new particular discrete unit to form a modified second data block. 

1 32. The system of claim 3 1 , wherein each discrete unit is a byte. 

1 33 . The system of claim 3 1 , wherein said selected bit of each particular discrete unit is the 

2 least significant bit. 

1 34. The system of claim 31, further comprising a pseudo-random number generator, the 

2 second data block being generated by said pseudo-random number generator. 

1 35. The system of claim 31, wherein the second data block is a file selected from a list 

2 comprising a graphics file, a sound file, or a video file. 

1 36. The system of claim 3 1 , wherein the means for associating each data bit in the first data 

2 block comprises: 

3 a) means for associating the first data bit in the first data block with the selected 

4 particular discrete unit that occurs first in the second data block; 

5 b) means for associating the next data bit in the first data block with the selected 

6 particular discrete unit that occurs next in the second data block; and 

7 c) means for repeating b) for each of the remaining data bits and selected particular 

8 discrete units. 

1 37. The system of claim 3 1 , wherein the means for selecting a plurality of particular discrete 

2 units comprises: 

3 an encryption algorithm; 

4 a selection key comprising a plurality of binary bits, said selection key having been 

5 created by the encryption algorithm; and 
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6 means for associating each of the plurality of binary bits in the selection key with a 

7 corresponding discrete unit in the second data block. 

1 38. The system of claim 37, wherein each selected particular discrete unit in the second data 

2 block is associated with a logic '1* bit in the selection key. 

1 39. The system of claim 37, wherein each selected particular discrete unit in the second data 

2 block is associated with a logic '0* bit in the selection key. 

1 40. The system of claim 3 1 , further comprising: 

2 means for selecting each said new particular discrete unit in the modified second data 

3 block; 

4 means for extracting the selected bit from each selected new particular discrete unit; 

5 means for combining the extracted data bits to form a copy of the first data block; and 

6 means for decrypting the copy of the first data block to form a copy of the selection of 

7 data. 

1 41 . A method of securely backing up data, comprising the steps of: 

2 providing a first data block, said first data block comprising a plurality of discrete units; 

3 providing a plurality of memory units; 

4 splitting said first data block into a plurality of split data blocks, the number of said split 

5 data blocks being equal to the number of said memory units, wherein each of said split data 

6 blocks contains a portion of the discrete units from the first data block; 

7 associating each of said split data blocks with a memory unit; 

8 encoding each of said split data blocks in its associated memory unit. 

1 42. The method of claim 41, wherein the step of providing a first data block comprises 

2 encrypting a selection of data to produce said first data block. 
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1 " 43 . The method of claim 4 1 , wherein the step of encoding comprises: 

2 ■ for each split data block and associated memory unit, selecting a plurality of locations in 

3 said associated memory unit; 

4 associating each of said discrete units in said split data block with one of said plurality 

5 of locations; 

6 writing each of said discrete units in its associated location. 

1 44. The method of claim 43, wherein the step of encoding further comprises writing data to 

2 other locations that are not associated with said discrete units. 

1 45. The method of claim 44, wherein said plurality of locations are selected by a selection 

2 key. 

1 46. The method of claim 44, wherein each of said discrete units is a byte. 

1 47 . The method of claim 44, wherein each of said memory units is a removable storage unit. 

1 48. The method of claim 41 , further comprising the steps of restoring backed up data from 

2 said plurality of memory units, said steps comprising: 

3 retrieving said plurality of split data blocks from said plurality of associated memory 

4 units; 

5 merging said plurality of split data blocks to form a copy of said first data block. 

1 49. A system for securely backing up data, said system comprising: 

2 a first data block comprising a plurality of discrete units; 

3 a plurality of memory units; 

4 means for splitting said first data block into a plurality of split data blocks, the number 

5 of said split data blocks being equal to the number of said memory units, wherein each of said 

6 split data blocks contains a portion of the discrete units from the first data block; 

7 means for associating each of said split data blocks with a memory unit; 

8 means for encoding each of said split data blocks in its associated memory unit. 
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1 50. The system of claim 49, further comprising a means for encrypting a selection of data to 

2 produce said first data block. 

1 51. The system of claim 49, wherein the means for encoding comprises: 

2 means for selecting a plurality of locations in each of said associated memory units; 

3 means for associating each of said discrete units in said split data block with one of said 

4 plurality of locations; 

5 means for writing each of said discrete units in its associated location. 

1 52. The system of claim 5 1 , wherein the means for encoding further comprises means for 

2 writing data to other locations that are not associated with said discrete units. 

1 53. The system of claim 52, further comprising a selection key adapted for selecting said 

2 plurality of locations. 

1 54. The system of claim 52, wherein each of said discrete units is a byte. 

1 55. The system of claim 52, wherein each of said memory units is a removable storage unit. 

1 56. The system of claim 49, further comprising a means for restoring backed up data from 

2 said plurality of memory units, comprising: 

3 means for retrieving said plurality of split data blocks from said plurality of associated 

4 memory units; 

5 means for merging said plurality of split data blocks to form a copy of said first data 

6 block. 

1 57. A method for selecting a plurality of discrete units with a secure selection key, said 

2 method comprising the steps of: 

3 providing an encryption key; 

4 copying said encryption key a plurality of times to form a data block; 
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5 " encrypting said data block with said encryption key to form a selection key, said selection 

6 " key comprising a plurality of bits; 

7 providing a plurality of discrete units; 

8 associating each bit of said selection key with one of said plurality of discrete units; 

9 selecting only those discrete units whose associated bit has a particular logic state. 



1 58. The method of claim 57, wherein the step of associating further comprises: 

2 associating each bit of said selection key with every nth discrete unit, where n is an 

3 integer. 

1 59. The method of claim 57, wherein said particular logic state is a logic 'one'. 

1 60. The method of claim 57, wherein said particular logic state is a logic 'zero 1 . 

1 61. The method of claim 57, wherein said discrete unit is a data byte. 

1 62. The method of claim 57, wherein the number of bits in said selection key equals the 

2 number of discrete units. 



1 63 . A system for selecting a plurality of discrete units with a secure selection key, said system 

2 comprising: 

3 an encryption key; 

4 means for copying said encryption key a plurality of times to form a data block; 

5 means for encrypting said data block with said encryption key to form a selection key, 

6 said selection key comprising a plurality of bits; 

7 a plurality of discrete units; 

8 means for associating each bit of said selection key with one of said plurality of discrete 

9 units; 

I o means for selecting only those discrete units whose associated bit has a particular logic 

II state. 
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1 64. The system of claim 63, wherein the means for associating further comprises: 

2 means for associating each bit of said selection key with every nth discrete unit, where 

3 n is an integer. 

1 65. The system of claim 63, wherein said particular logic state is a logic 'one'. 

1 66. The system of claim 63, wherein said particular logic state is a logic 'zero'. 

1 67. The system of claim 63, wherein said discrete unit is a data byte. 

1 68. The system of claim 63, wherein the number of bits in said selection key equals the 

2 number of discrete units. 
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each part on separate floppy disks in locations selected by separate encryption 
process which produces a selection ciphertext. The original data is restored by 
merging the data blocks from each floppy. 
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